var-201907-0863
Vulnerability from variot
A vulnerability in Cisco Small Business SPA500 Series IP Phones could allow a physically proximate attacker to execute arbitrary commands on the device. The vulnerability is due to improper input validation in the device configuration interface. An attacker could exploit this vulnerability by accessing the configuration interface, which may require a password, and then accessing the device's physical interface and inserting a USB storage device. A successful exploit could allow the attacker to execute arbitrary commands on the device in an elevated security context. At the time of publication, this vulnerability affected Cisco Small Business SPA500 Series IP Phones firmware releases 7.6.2SR5 and prior. This issue is being tracked by Cisco Bug ID CSCvp40762 and CSCvp40765
Show details on source website{ "@context": { "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#", affected_products: { "@id": "https://www.variotdbs.pl/ref/affected_products", }, configurations: { "@id": "https://www.variotdbs.pl/ref/configurations", }, credits: { "@id": "https://www.variotdbs.pl/ref/credits", }, cvss: { "@id": "https://www.variotdbs.pl/ref/cvss/", }, description: { "@id": "https://www.variotdbs.pl/ref/description/", }, exploit_availability: { "@id": "https://www.variotdbs.pl/ref/exploit_availability/", }, external_ids: { "@id": "https://www.variotdbs.pl/ref/external_ids/", }, iot: { "@id": "https://www.variotdbs.pl/ref/iot/", }, iot_taxonomy: { "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/", }, patch: { "@id": "https://www.variotdbs.pl/ref/patch/", }, problemtype_data: { "@id": "https://www.variotdbs.pl/ref/problemtype_data/", }, references: { "@id": "https://www.variotdbs.pl/ref/references/", }, sources: { "@id": "https://www.variotdbs.pl/ref/sources/", }, sources_release_date: { "@id": "https://www.variotdbs.pl/ref/sources_release_date/", }, sources_update_date: { "@id": "https://www.variotdbs.pl/ref/sources_update_date/", }, threat_type: { "@id": "https://www.variotdbs.pl/ref/threat_type/", }, title: { "@id": "https://www.variotdbs.pl/ref/title/", }, type: { "@id": "https://www.variotdbs.pl/ref/type/", }, }, "@id": "https://www.variotdbs.pl/vuln/VAR-201907-0863", affected_products: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/affected_products#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, "@id": "https://www.variotdbs.pl/ref/sources", }, }, data: [ { model: "spa502g", scope: "lte", trust: 1, vendor: "cisco", version: "7.6.2sr5", }, { model: "spa509g", scope: "lte", trust: 1, vendor: "cisco", version: "7.6.2sr5", }, { model: "spa508g", scope: "lte", trust: 1, vendor: "cisco", version: "7.6.2sr5", }, { model: "spa504g", scope: "lte", trust: 1, vendor: "cisco", version: "7.6.2sr5", }, { model: "spa512g", scope: "lte", trust: 1, vendor: "cisco", version: "7.6.2sr5", }, { model: "spa514g", scope: "lte", trust: 1, vendor: "cisco", version: "7.6.2sr5", }, { model: "spa525g2", scope: "lte", trust: 1, vendor: "cisco", version: "7.6.2sr5", }, { model: "spa500s", scope: "lte", trust: 1, vendor: "cisco", version: "7.6.2sr5", }, { model: "spa501g", scope: "lte", trust: 1, vendor: "cisco", version: "7.6.2sr5", }, { model: "spa500ds", scope: "lte", trust: 1, vendor: "cisco", version: "7.6.2sr5", }, { model: "spa 500ds", scope: "lte", trust: 0.8, vendor: "cisco", version: "7.6.2sr5", }, { model: "spa 500s", scope: "lte", trust: 0.8, vendor: "cisco", version: "7.6.2sr5", }, { model: "spa 501g", scope: "lte", trust: 0.8, vendor: "cisco", version: "7.6.2sr5", }, { model: "spa 502g", scope: "lte", trust: 0.8, vendor: "cisco", version: "7.6.2sr5", }, { model: "spa 504g", scope: "lte", trust: 0.8, vendor: "cisco", version: "7.6.2sr5", }, { model: "spa 508g", scope: "lte", trust: 0.8, vendor: "cisco", version: "7.6.2sr5", }, { model: "spa 509g", scope: "lte", trust: 0.8, vendor: "cisco", version: "7.6.2sr5", }, { model: "spa 512g", scope: "lte", trust: 0.8, vendor: "cisco", version: "7.6.2sr5", }, { model: "spa 514g", scope: "lte", trust: 0.8, vendor: "cisco", version: "7.6.2sr5", }, { model: "spa 525g2", scope: "lte", trust: 0.8, vendor: "cisco", version: "7.6.2sr5", }, { model: "small business spa500 series ip phones", scope: "eq", trust: 0.3, vendor: "cisco", version: "7.5.4", }, { model: "small business spa500 series ip phones", scope: "eq", trust: 0.3, vendor: "cisco", version: "7.5.3", }, { model: "small business spa500 series ip phones", scope: "eq", trust: 0.3, vendor: "cisco", version: "7.5.1", }, { model: "small business spa500 series ip phones", scope: "eq", trust: 0.3, vendor: "cisco", version: "7.4.8", }, { model: "small business spa500 series ip phones", scope: "eq", trust: 0.3, vendor: "cisco", version: "7.4.7", }, { model: "small business spa500 series ip phones", scope: "eq", trust: 0.3, vendor: "cisco", version: "7.4.6", }, { model: "small business spa500 series ip phones", scope: "eq", trust: 0.3, vendor: "cisco", version: "7.4.4", }, { model: "small business spa500 series ip phones", scope: "eq", trust: 0.3, vendor: "cisco", version: "7.4.3", }, { model: "small business spa500 series ip phones", scope: "eq", trust: 0.3, vendor: "cisco", version: "7.3.7", }, { model: "small business spa500 series ip phones", scope: "eq", trust: 0.3, vendor: "cisco", version: "7.3.5", }, { model: "small business spa500 series ip phones", scope: "eq", trust: 0.3, vendor: "cisco", version: "7.2.5", }, { model: "small business spa500 series ip phones", scope: "eq", trust: 0.3, vendor: "cisco", version: "7.1.7", }, { model: "small business spa500 series ip phones", scope: "eq", trust: 0.3, vendor: "cisco", version: "7.1.3", }, { model: "small business spa500 series ip phones 7.6.2sr5", scope: null, trust: 0.3, vendor: "cisco", version: null, }, { model: "small business spa500 series ip phones", scope: "eq", trust: 0.3, vendor: "cisco", version: "7.5.5", }, { model: "small business spa500 series ip phones 7.5.2b", scope: null, trust: 0.3, vendor: "cisco", version: null, }, { model: "small business spa500 series ip phones", scope: "eq", trust: 0.3, vendor: "cisco", version: "7.5", }, { model: "small business spa500 series ip phones 7.4.9c", scope: null, trust: 0.3, vendor: "cisco", version: null, }, { model: "small business spa500 series ip phones 7.4.9a", scope: null, trust: 0.3, vendor: "cisco", version: null, }, { model: "small business spa500 series ip phones 7.4.8a", scope: null, trust: 0.3, vendor: "cisco", version: null, }, { model: "small business spa500 series ip phones", scope: "eq", trust: 0.3, vendor: "cisco", version: "7.4", }, { model: "small business spa500 series ip phones", scope: "eq", trust: 0.3, vendor: "cisco", version: "7.3", }, { model: "small business spa500 series ip phones", scope: "eq", trust: 0.3, vendor: "cisco", version: "7.2", }, { model: "small business spa500 series ip phones", scope: "eq", trust: 0.3, vendor: "cisco", version: "7.1", }, ], sources: [ { db: "BID", id: "109294", }, { db: "JVNDB", id: "JVNDB-2019-006933", }, { db: "NVD", id: "CVE-2019-1923", }, ], }, configurations: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/configurations#", children: { "@container": "@list", }, cpe_match: { "@container": "@list", }, data: { "@container": "@list", }, nodes: { "@container": "@list", }, }, data: [ { CVE_data_version: "4.0", nodes: [ { children: [ { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:o:cisco:spa501g_firmware:*:*:*:*:*:*:*:*", cpe_name: [], versionEndIncluding: "7.6.2sr5", vulnerable: true, }, ], operator: "OR", }, { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:h:cisco:spa501g:-:*:*:*:*:*:*:*", cpe_name: [], vulnerable: false, }, ], operator: "OR", }, ], cpe_match: [], operator: "AND", }, { children: [ { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:o:cisco:spa502g_firmware:*:*:*:*:*:*:*:*", cpe_name: [], versionEndIncluding: "7.6.2sr5", vulnerable: true, }, ], operator: "OR", }, { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:h:cisco:spa502g:-:*:*:*:*:*:*:*", cpe_name: [], vulnerable: false, }, ], operator: "OR", }, ], cpe_match: [], operator: "AND", }, { children: [ { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:o:cisco:spa504g_firmware:*:*:*:*:*:*:*:*", cpe_name: [], versionEndIncluding: "7.6.2sr5", vulnerable: true, }, ], operator: "OR", }, { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:h:cisco:spa504g:-:*:*:*:*:*:*:*", cpe_name: [], vulnerable: false, }, ], operator: "OR", }, ], cpe_match: [], operator: "AND", }, { children: [ { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:o:cisco:spa508g_firmware:*:*:*:*:*:*:*:*", cpe_name: [], versionEndIncluding: "7.6.2sr5", vulnerable: true, }, ], operator: "OR", }, { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:h:cisco:spa508g:-:*:*:*:*:*:*:*", cpe_name: [], vulnerable: false, }, ], operator: "OR", }, ], cpe_match: [], operator: "AND", }, { children: [ { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:o:cisco:spa509g_firmware:*:*:*:*:*:*:*:*", cpe_name: [], versionEndIncluding: "7.6.2sr5", vulnerable: true, }, ], operator: "OR", }, { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:h:cisco:spa509g:-:*:*:*:*:*:*:*", cpe_name: [], vulnerable: false, }, ], operator: "OR", }, ], cpe_match: [], operator: "AND", }, { children: [ { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:o:cisco:spa512g_firmware:*:*:*:*:*:*:*:*", cpe_name: [], versionEndIncluding: "7.6.2sr5", vulnerable: true, }, ], operator: "OR", }, { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:h:cisco:spa512g:-:*:*:*:*:*:*:*", cpe_name: [], vulnerable: false, }, ], operator: "OR", }, ], cpe_match: [], operator: "AND", }, { children: [ { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:o:cisco:spa514g_firmware:*:*:*:*:*:*:*:*", cpe_name: [], versionEndIncluding: "7.6.2sr5", vulnerable: true, }, ], operator: "OR", }, { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:h:cisco:spa514g:-:*:*:*:*:*:*:*", cpe_name: [], vulnerable: false, }, ], operator: "OR", }, ], cpe_match: [], operator: "AND", }, { children: [ { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:o:cisco:spa525g2_firmware:*:*:*:*:*:*:*:*", cpe_name: [], versionEndIncluding: "7.6.2sr5", vulnerable: true, }, ], operator: "OR", }, { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:h:cisco:spa525g2:-:*:*:*:*:*:*:*", cpe_name: [], vulnerable: false, }, ], operator: "OR", }, ], cpe_match: [], operator: "AND", }, { children: [ { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:o:cisco:spa500s_firmware:*:*:*:*:*:*:*:*", cpe_name: [], versionEndIncluding: "7.6.2sr5", vulnerable: true, }, ], operator: "OR", }, { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:h:cisco:spa500s:-:*:*:*:*:*:*:*", cpe_name: [], vulnerable: false, }, ], operator: "OR", }, ], cpe_match: [], operator: "AND", }, { children: [ { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:o:cisco:spa500ds_firmware:*:*:*:*:*:*:*:*", cpe_name: [], versionEndIncluding: "7.6.2sr5", vulnerable: true, }, ], operator: "OR", }, { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:h:cisco:spa500ds:-:*:*:*:*:*:*:*", cpe_name: [], vulnerable: false, }, ], operator: "OR", }, ], cpe_match: [], operator: "AND", }, ], }, ], sources: [ { db: "NVD", id: "CVE-2019-1923", }, ], }, credits: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/credits#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: "Dustin Cobb of Aon???s Cyber Labs,Dustin Cobb of Aon’s Cyber Labs .", sources: [ { db: "CNNVD", id: "CNNVD-201907-1011", }, ], trust: 0.6, }, cve: "CVE-2019-1923", cvss: { "@context": { cvssV2: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#", }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2", }, cvssV3: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#", }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/", }, severity: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/cvss/severity#", }, "@id": "https://www.variotdbs.pl/ref/cvss/severity", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, "@id": "https://www.variotdbs.pl/ref/sources", }, }, data: [ { cvssV2: [ { acInsufInfo: false, accessComplexity: "LOW", accessVector: "LOCAL", authentication: "NONE", author: "NVD", availabilityImpact: "PARTIAL", baseScore: 4.6, confidentialityImpact: "PARTIAL", exploitabilityScore: 3.9, impactScore: 6.4, integrityImpact: "PARTIAL", obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, severity: "MEDIUM", trust: 1, userInteractionRequired: false, vectorString: "AV:L/AC:L/Au:N/C:P/I:P/A:P", version: "2.0", }, { acInsufInfo: null, accessComplexity: "Low", accessVector: "Local", authentication: "None", author: "NVD", availabilityImpact: "Partial", baseScore: 4.6, confidentialityImpact: "Partial", exploitabilityScore: null, id: "CVE-2019-1923", impactScore: null, integrityImpact: "Partial", obtainAllPrivilege: null, obtainOtherPrivilege: null, obtainUserPrivilege: null, severity: "Medium", trust: 0.8, userInteractionRequired: null, vectorString: "AV:L/AC:L/Au:N/C:P/I:P/A:P", version: "2.0", }, { accessComplexity: "LOW", accessVector: "LOCAL", authentication: "NONE", author: "VULHUB", availabilityImpact: "PARTIAL", baseScore: 4.6, confidentialityImpact: "PARTIAL", exploitabilityScore: 3.9, id: "VHN-151655", impactScore: 6.4, integrityImpact: "PARTIAL", severity: "MEDIUM", trust: 0.1, vectorString: "AV:L/AC:L/AU:N/C:P/I:P/A:P", version: "2.0", }, ], cvssV3: [ { attackComplexity: "LOW", attackVector: "PHYSICAL", author: "NVD", availabilityImpact: "HIGH", baseScore: 6.6, baseSeverity: "MEDIUM", confidentialityImpact: "HIGH", exploitabilityScore: 0.7, impactScore: 5.9, integrityImpact: "HIGH", privilegesRequired: "LOW", scope: "UNCHANGED", trust: 1, userInteraction: "NONE", vectorString: "CVSS:3.1/AV:P/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, { attackComplexity: "LOW", attackVector: "PHYSICAL", author: "ykramarz@cisco.com", availabilityImpact: "HIGH", baseScore: 6.6, baseSeverity: "MEDIUM", confidentialityImpact: "HIGH", exploitabilityScore: 0.7, impactScore: 5.9, integrityImpact: "HIGH", privilegesRequired: "LOW", scope: "UNCHANGED", trust: 1, userInteraction: "NONE", vectorString: "CVSS:3.0/AV:P/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", version: "3.0", }, { attackComplexity: "Low", attackVector: "Physical", author: "NVD", availabilityImpact: "High", baseScore: 6.6, baseSeverity: "Medium", confidentialityImpact: "High", exploitabilityScore: null, id: "CVE-2019-1923", impactScore: null, integrityImpact: "High", privilegesRequired: "Low", scope: "Unchanged", trust: 0.8, userInteraction: "None", vectorString: "CVSS:3.0/AV:P/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", version: "3.0", }, ], severity: [ { author: "NVD", id: "CVE-2019-1923", trust: 1.8, value: "MEDIUM", }, { author: "ykramarz@cisco.com", id: "CVE-2019-1923", trust: 1, value: "MEDIUM", }, { author: "CNNVD", id: "CNNVD-201907-1011", trust: 0.6, value: "MEDIUM", }, { author: "VULHUB", id: "VHN-151655", trust: 0.1, value: "MEDIUM", }, ], }, ], sources: [ { db: "VULHUB", id: "VHN-151655", }, { db: "JVNDB", id: "JVNDB-2019-006933", }, { db: "NVD", id: "CVE-2019-1923", }, { db: "NVD", id: "CVE-2019-1923", }, { db: "CNNVD", id: "CNNVD-201907-1011", }, ], }, description: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/description#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: "A vulnerability in Cisco Small Business SPA500 Series IP Phones could allow a physically proximate attacker to execute arbitrary commands on the device. The vulnerability is due to improper input validation in the device configuration interface. An attacker could exploit this vulnerability by accessing the configuration interface, which may require a password, and then accessing the device's physical interface and inserting a USB storage device. A successful exploit could allow the attacker to execute arbitrary commands on the device in an elevated security context. At the time of publication, this vulnerability affected Cisco Small Business SPA500 Series IP Phones firmware releases 7.6.2SR5 and prior. \nThis issue is being tracked by Cisco Bug ID CSCvp40762 and CSCvp40765", sources: [ { db: "NVD", id: "CVE-2019-1923", }, { db: "JVNDB", id: "JVNDB-2019-006933", }, { db: "BID", id: "109294", }, { db: "VULHUB", id: "VHN-151655", }, ], trust: 1.98, }, external_ids: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/external_ids#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { db: "NVD", id: "CVE-2019-1923", trust: 2.8, }, { db: "BID", id: "109294", trust: 2, }, { db: "JVNDB", id: "JVNDB-2019-006933", trust: 0.8, }, { db: "CNNVD", id: "CNNVD-201907-1011", trust: 0.7, }, { db: "AUSCERT", id: "ESB-2019.2680", trust: 0.6, }, { db: "VULHUB", id: "VHN-151655", trust: 0.1, }, ], sources: [ { db: "VULHUB", id: "VHN-151655", }, { db: "BID", id: "109294", }, { db: "JVNDB", id: "JVNDB-2019-006933", }, { db: "NVD", id: "CVE-2019-1923", }, { db: "CNNVD", id: "CNNVD-201907-1011", }, ], }, id: "VAR-201907-0863", iot: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/iot#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: true, sources: [ { db: "VULHUB", id: "VHN-151655", }, ], trust: 0.59358973, }, last_update_date: "2023-12-18T13:18:40.748000Z", patch: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/patch#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { title: "cisco-sa-20190717-spa500-command", trust: 0.8, url: "https://tools.cisco.com/security/center/content/ciscosecurityadvisory/cisco-sa-20190717-spa500-command", }, ], sources: [ { db: "JVNDB", id: "JVNDB-2019-006933", }, ], }, problemtype_data: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { problemtype: "CWE-20", trust: 1.1, }, { problemtype: "CWE-77", trust: 0.9, }, ], sources: [ { db: "VULHUB", id: "VHN-151655", }, { db: "JVNDB", id: "JVNDB-2019-006933", }, { db: "NVD", id: "CVE-2019-1923", }, ], }, references: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/references#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { trust: 2, url: "https://tools.cisco.com/security/center/content/ciscosecurityadvisory/cisco-sa-20190717-spa500-command", }, { trust: 1.7, url: "http://www.securityfocus.com/bid/109294", }, { trust: 1.4, url: "https://nvd.nist.gov/vuln/detail/cve-2019-1923", }, { trust: 0.9, url: "http://www.cisco.com/", }, { trust: 0.8, url: "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2019-1923", }, { trust: 0.6, url: "https://www.auscert.org.au/bulletins/esb-2019.2680/", }, ], sources: [ { db: "VULHUB", id: "VHN-151655", }, { db: "BID", id: "109294", }, { db: "JVNDB", id: "JVNDB-2019-006933", }, { db: "NVD", id: "CVE-2019-1923", }, { db: "CNNVD", id: "CNNVD-201907-1011", }, ], }, sources: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", data: { "@container": "@list", }, }, data: [ { db: "VULHUB", id: "VHN-151655", }, { db: "BID", id: "109294", }, { db: "JVNDB", id: "JVNDB-2019-006933", }, { db: "NVD", id: "CVE-2019-1923", }, { db: "CNNVD", id: "CNNVD-201907-1011", }, ], }, sources_release_date: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#", data: { "@container": "@list", }, }, data: [ { date: "2019-07-17T00:00:00", db: "VULHUB", id: "VHN-151655", }, { date: "2019-07-17T00:00:00", db: "BID", id: "109294", }, { date: "2019-07-30T00:00:00", db: "JVNDB", id: "JVNDB-2019-006933", }, { date: "2019-07-17T21:15:12.170000", db: "NVD", id: "CVE-2019-1923", }, { date: "2019-07-17T00:00:00", db: "CNNVD", id: "CNNVD-201907-1011", }, ], }, sources_update_date: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#", data: { "@container": "@list", }, }, data: [ { date: "2020-10-16T00:00:00", db: "VULHUB", id: "VHN-151655", }, { date: "2019-07-17T00:00:00", db: "BID", id: "109294", }, { date: "2019-07-30T00:00:00", db: "JVNDB", id: "JVNDB-2019-006933", }, { date: "2020-10-16T15:14:22.297000", db: "NVD", id: "CVE-2019-1923", }, { date: "2020-10-21T00:00:00", db: "CNNVD", id: "CNNVD-201907-1011", }, ], }, threat_type: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/threat_type#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: "local", sources: [ { db: "BID", id: "109294", }, { db: "CNNVD", id: "CNNVD-201907-1011", }, ], trust: 0.9, }, title: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/title#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: "Cisco Small Business SPA500 series IP Phone Command injection vulnerability", sources: [ { db: "JVNDB", id: "JVNDB-2019-006933", }, ], trust: 0.8, }, type: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/type#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: "Input Validation Error", sources: [ { db: "BID", id: "109294", }, { db: "CNNVD", id: "CNNVD-201907-1011", }, ], trust: 0.9, }, }
Log in or create an account to share your comment.
Security Advisory comment format.
This schema specifies the format of a comment related to a security advisory.
Title of the comment
Description of the comment
Loading…
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.